upstream commit

Add FingerprintHash option to control algorithm used for
 key fingerprints. Default changes from MD5 to SHA256 and format from hex to
 base64.

Feedback and ok naddy@ markus@

1 files changed, 7 insertions, 9 deletions

diff --git a/sshkey.h b/sshkey.h
index 450b30c1f..4554b09b5 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.1 2014/06/24 01:16:58 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.2 2014/12/21 22:27:55 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
@@ -67,16 +67,14 @@ enum sshkey_types {
         KEY_UNSPEC
 };
 
-/* Fingerprint hash algorithms */
-enum sshkey_fp_type {
-        SSH_FP_SHA1,
-        SSH_FP_MD5,
-        SSH_FP_SHA256
-};
+/* Default fingerprint hash */
+#define SSH_FP_HASH_DEFAULT     SSH_DIGEST_SHA256
 
 /* Fingerprint representation formats */
 enum sshkey_fp_rep {
+        SSH_FP_DEFAULT = 0,
         SSH_FP_HEX,
+        SSH_FP_BASE64,
         SSH_FP_BUBBLEBABBLE,
         SSH_FP_RANDOMART
 };
@@ -124,9 +122,9 @@ int		 sshkey_equal_public(const struct sshkey *,
     const struct sshkey *);
 int              sshkey_equal(const struct sshkey *, const struct sshkey *);
 char            *sshkey_fingerprint(const struct sshkey *,
-    enum sshkey_fp_type, enum sshkey_fp_rep);
+    int, enum sshkey_fp_rep);
 int              sshkey_fingerprint_raw(const struct sshkey *k,
-    enum sshkey_fp_type dgst_type, u_char **retp, size_t *lenp);
+    int, u_char **retp, size_t *lenp);
 const char      *sshkey_type(const struct sshkey *);
 const char      *sshkey_cert_type(const struct sshkey *);
 int              sshkey_write(const struct sshkey *, FILE *);